Skip to content

ssl load_verify_locations cadata can't work #3148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
cn-kali-team opened this issue Sep 27, 2021 · 6 comments
Open

ssl load_verify_locations cadata can't work #3148

cn-kali-team opened this issue Sep 27, 2021 · 6 comments

Comments

@cn-kali-team
Copy link

build

cargo build --release --all-features

RustPython

import urllib.request
req = urllib.request.Request(url="https://www.httpbin.org")
html = urllib.request.urlopen(req).read().decode()
print(html)

output

D:\RustPython\target\release (main -> origin)                         
λ rustpython.exe                                                      
Welcome to the magnificent Rust Python 0.1.2 interpreter � �                              
>>>>> import urllib.request                                           
>>>>> req = urllib.request.Request(url="https://www.httpbin.org")     
>>>>> html = urllib.request.urlopen(req).read().decode()              
Traceback (most recent call last):                                    
  File "urllib.request", line 1355, in do_open                        
  File "http.client", line 1239, in request                           
  File "http.client", line 1285, in _send_request                     
  File "http.client", line 1234, in endheaders                        
  File "http.client", line 1026, in _send_output                      
  File "http.client", line 964, in send                               
  File "http.client", line 1400, in connect                           
  File "ssl", line 507, in wrap_socket                                
  File "ssl", line 1043, in _create                                   
  File "ssl", line 1040, in _create                                   
  File "ssl", line 1311, in do_handshake                              
  File "ssl", line 1309, in do_handshake                              
  File "ssl", line 1309, in do_handshake                              
SSLError: (134, 'certificate verify failed (_ssl.c:1915)')            
                                                                      
During handling of the above exception, another exception occurred:   
                                                                      
Traceback (most recent call last):                                    
  File "<stdin>", line 1, in <module>                                 
  File "urllib.request", line 222, in urlopen                         
  File "urllib.request", line 525, in open                            
  File "urllib.request", line 543, in _open                           
  File "urllib.request", line 502, in _call_chain                     
  File "urllib.request", line 1398, in https_open                     
  File "urllib.request", line 1361, in do_open                        
  File "urllib.request", line 1357, in do_open                        
URLError: (134, 'certificate verify failed (_ssl.c:1915)')            
>>>>> exit()

Python

D:\RustPython\target\release (main -> origin)
λ python
Python 3.9.5 (tags/v3.9.5:0a7dcbd, May  3 2021, 17:27:52) [MSC v.1928 64 bit (AMD64)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> import urllib.request
>>> req = urllib.request.Request(url="https://www.httpbin.org")
>>> html = urllib.request.urlopen(req).read().decode()
>>> print(html)
<!DOCTYPE html>
<html lang="en">
...

SSL

  • code
import ssl
import urllib.request
from certifi import where, contents

req = urllib.request.Request(url="https://www.httpbin.org")
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
ssl_context.verify_mode = ssl.CERT_REQUIRED
ssl_context.load_verify_locations(cafile=None, capath=None, cadata=contents())

html = urllib.request.urlopen(req, context=ssl_context).read().decode()
print(html)
  • output
λ rustpython.exe test.py
Traceback (most recent call last):
  File "urllib.request", line 1355, in do_open
  File "http.client", line 1239, in request
  File "http.client", line 1285, in _send_request
  File "http.client", line 1234, in endheaders
  File "http.client", line 1026, in _send_output
  File "http.client", line 964, in send
  File "http.client", line 1400, in connect
  File "ssl", line 507, in wrap_socket
  File "ssl", line 1043, in _create
  File "ssl", line 1040, in _create
  File "ssl", line 1311, in do_handshake
  File "ssl", line 1309, in do_handshake
  File "ssl", line 1309, in do_handshake
SSLError: (134, 'certificate verify failed (_ssl.c:1915)')

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "test.py", line 8, in <module>
    html = urllib.request.urlopen(req).read().decode()
  File "urllib.request", line 222, in urlopen
  File "urllib.request", line 525, in open
  File "urllib.request", line 543, in _open
  File "urllib.request", line 502, in _call_chain
  File "urllib.request", line 1398, in https_open
  File "urllib.request", line 1361, in do_open
  File "urllib.request", line 1357, in do_open
URLError: (134, 'certificate verify failed (_ssl.c:1915)')
  • I had to write the certificate to the file system and load it.
@cn-kali-team
Copy link
Author

It works well in Linux, and the above problems only reappear in window.

import ssl
import urllib.request
from certifi import where, contents

req = urllib.request.Request(url="https://www.httpbin.org")
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
ssl_context.verify_mode = ssl.CERT_REQUIRED
ssl_context.load_verify_locations(cafile=where(), capath=None, cadata=None)

html = urllib.request.urlopen(req, context=ssl_context).read().decode()
print(html)
  • This works well in rustpython.

@Snowapril
Copy link
Contributor

This code also works in Rustpython with linux

Welcome to the magnificent Rust Python 0.1.2 interpreter 😱 🖖
>>>>> import urllib.request
>>>>> req = urllib.request.Request(url="https://www.httpbin.org")
>>>>> html = urllib.request.urlopen(req).read().decode()
>>>>> print(html)
<!DOCTYPE html>
<html lang="en">
...

@coolreader18
Copy link
Member

Oh, yea, I've known about this for a while and I've tried a couple times to figure out why it doesn't work. No luck so far; I last tried a couple months ago iirc.

@oroppas
Copy link

oroppas commented Sep 27, 2021

Could https://bugs.python.org/issue36011 be related?

@coolreader18
Copy link
Member

Oh, lol, I actually fixed this back in June but I just forgot and never opened a PR; to be fair I left for summer camp a couple days after I got it working but still 😅

Could you check if #3210 works?

@cn-kali-team
Copy link
Author

Oh, lol, I actually fixed this back in June but I just forgot and never opened a PR; to be fair I left for summer camp a couple days after I got it working but still sweat_smile

Could you check if #3210 works?

I recompiled the test and passed.
It works. Thank you for your help.

@vincent-herlemont vincent-herlemont mentioned this issue Jan 20, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@oroppas @Snowapril @cn-kali-team @coolreader18